1// SPDX-License-Identifier: MIT
2/*
3 * VirtualBox Guest Shared Folders support: Regular file inode and file ops.
4 *
5 * Copyright (C) 2006-2018 Oracle Corporation
6 */
7
8#include <linux/mm.h>
9#include <linux/page-flags.h>
10#include <linux/pagemap.h>
11#include <linux/highmem.h>
12#include <linux/sizes.h>
13#include "vfsmod.h"
14
15struct vboxsf_handle {
16	u64 handle;
17	u32 root;
18	u32 access_flags;
19	struct kref refcount;
20	struct list_head head;
21};
22
23struct vboxsf_handle *vboxsf_create_sf_handle(struct inode *inode,
24					      u64 handle, u32 access_flags)
25{
26	struct vboxsf_inode *sf_i = VBOXSF_I(inode);
27	struct vboxsf_handle *sf_handle;
28
29	sf_handle = kmalloc(sizeof(*sf_handle), GFP_KERNEL);
30	if (!sf_handle)
31		return ERR_PTR(-ENOMEM);
32
33	/* the host may have given us different attr then requested */
34	sf_i->force_restat = 1;
35
36	/* init our handle struct and add it to the inode's handles list */
37	sf_handle->handle = handle;
38	sf_handle->root = VBOXSF_SBI(inode->i_sb)->root;
39	sf_handle->access_flags = access_flags;
40	kref_init(&sf_handle->refcount);
41
42	mutex_lock(&sf_i->handle_list_mutex);
43	list_add(&sf_handle->head, &sf_i->handle_list);
44	mutex_unlock(&sf_i->handle_list_mutex);
45
46	return sf_handle;
47}
48
49static int vboxsf_file_open(struct inode *inode, struct file *file)
50{
51	struct vboxsf_sbi *sbi = VBOXSF_SBI(inode->i_sb);
52	struct shfl_createparms params = {};
53	struct vboxsf_handle *sf_handle;
54	u32 access_flags = 0;
55	int err;
56
57	/*
58	 * We check the value of params.handle afterwards to find out if
59	 * the call succeeded or failed, as the API does not seem to cleanly
60	 * distinguish error and informational messages.
61	 *
62	 * Furthermore, we must set params.handle to SHFL_HANDLE_NIL to
63	 * make the shared folders host service use our mode parameter.
64	 */
65	params.handle = SHFL_HANDLE_NIL;
66	if (file->f_flags & O_CREAT) {
67		params.create_flags |= SHFL_CF_ACT_CREATE_IF_NEW;
68		/*
69		 * We ignore O_EXCL, as the Linux kernel seems to call create
70		 * beforehand itself, so O_EXCL should always fail.
71		 */
72		if (file->f_flags & O_TRUNC)
73			params.create_flags |= SHFL_CF_ACT_OVERWRITE_IF_EXISTS;
74		else
75			params.create_flags |= SHFL_CF_ACT_OPEN_IF_EXISTS;
76	} else {
77		params.create_flags |= SHFL_CF_ACT_FAIL_IF_NEW;
78		if (file->f_flags & O_TRUNC)
79			params.create_flags |= SHFL_CF_ACT_OVERWRITE_IF_EXISTS;
80	}
81
82	switch (file->f_flags & O_ACCMODE) {
83	case O_RDONLY:
84		access_flags |= SHFL_CF_ACCESS_READ;
85		break;
86
87	case O_WRONLY:
88		access_flags |= SHFL_CF_ACCESS_WRITE;
89		break;
90
91	case O_RDWR:
92		access_flags |= SHFL_CF_ACCESS_READWRITE;
93		break;
94
95	default:
96		WARN_ON(1);
97	}
98
99	if (file->f_flags & O_APPEND)
100		access_flags |= SHFL_CF_ACCESS_APPEND;
101
102	params.create_flags |= access_flags;
103	params.info.attr.mode = inode->i_mode;
104
105	err = vboxsf_create_at_dentry(file_dentry(file), &params);
106	if (err == 0 && params.handle == SHFL_HANDLE_NIL)
107		err = (params.result == SHFL_FILE_EXISTS) ? -EEXIST : -ENOENT;
108	if (err)
109		return err;
110
111	sf_handle = vboxsf_create_sf_handle(inode, params.handle, access_flags);
112	if (IS_ERR(sf_handle)) {
113		vboxsf_close(sbi->root, params.handle);
114		return PTR_ERR(sf_handle);
115	}
116
117	file->private_data = sf_handle;
118	return 0;
119}
120
121static void vboxsf_handle_release(struct kref *refcount)
122{
123	struct vboxsf_handle *sf_handle =
124		container_of(refcount, struct vboxsf_handle, refcount);
125
126	vboxsf_close(sf_handle->root, sf_handle->handle);
127	kfree(sf_handle);
128}
129
130void vboxsf_release_sf_handle(struct inode *inode, struct vboxsf_handle *sf_handle)
131{
132	struct vboxsf_inode *sf_i = VBOXSF_I(inode);
133
134	mutex_lock(&sf_i->handle_list_mutex);
135	list_del(&sf_handle->head);
136	mutex_unlock(&sf_i->handle_list_mutex);
137
138	kref_put(&sf_handle->refcount, vboxsf_handle_release);
139}
140
141static int vboxsf_file_release(struct inode *inode, struct file *file)
142{
143	/*
144	 * When a file is closed on our (the guest) side, we want any subsequent
145	 * accesses done on the host side to see all changes done from our side.
146	 */
147	filemap_write_and_wait(inode->i_mapping);
148
149	vboxsf_release_sf_handle(inode, file->private_data);
150	return 0;
151}
152
153/*
154 * Write back dirty pages now, because there may not be any suitable
155 * open files later
156 */
157static void vboxsf_vma_close(struct vm_area_struct *vma)
158{
159	filemap_write_and_wait(vma->vm_file->f_mapping);
160}
161
162static const struct vm_operations_struct vboxsf_file_vm_ops = {
163	.close		= vboxsf_vma_close,
164	.fault		= filemap_fault,
165	.map_pages	= filemap_map_pages,
166};
167
168static int vboxsf_file_mmap(struct file *file, struct vm_area_struct *vma)
169{
170	int err;
171
172	err = generic_file_mmap(file, vma);
173	if (!err)
174		vma->vm_ops = &vboxsf_file_vm_ops;
175
176	return err;
177}
178
179/*
180 * Note that since we are accessing files on the host's filesystem, files
181 * may always be changed underneath us by the host!
182 *
183 * The vboxsf API between the guest and the host does not offer any functions
184 * to deal with this. There is no inode-generation to check for changes, no
185 * events / callback on changes and no way to lock files.
186 *
187 * To avoid returning stale data when a file gets *opened* on our (the guest)
188 * side, we do a "stat" on the host side, then compare the mtime with the
189 * last known mtime and invalidate the page-cache if they differ.
190 * This is done from vboxsf_inode_revalidate().
191 *
192 * When reads are done through the read_iter fop, it is possible to do
193 * further cache revalidation then, there are 3 options to deal with this:
194 *
195 * 1)  Rely solely on the revalidation done at open time
196 * 2)  Do another "stat" and compare mtime again. Unfortunately the vboxsf
197 *     host API does not allow stat on handles, so we would need to use
198 *     file->f_path.dentry and the stat will then fail if the file was unlinked
199 *     or renamed (and there is no thing like NFS' silly-rename). So we get:
200 * 2a) "stat" and compare mtime, on stat failure invalidate the cache
201 * 2b) "stat" and compare mtime, on stat failure do nothing
202 * 3)  Simply always call invalidate_inode_pages2_range on the range of the read
203 *
204 * Currently we are keeping things KISS and using option 1. this allows
205 * directly using generic_file_read_iter without wrapping it.
206 *
207 * This means that only data written on the host side before open() on
208 * the guest side is guaranteed to be seen by the guest. If necessary
209 * we may provide other read-cache strategies in the future and make this
210 * configurable through a mount option.
211 */
212const struct file_operations vboxsf_reg_fops = {
213	.llseek = generic_file_llseek,
214	.read_iter = generic_file_read_iter,
215	.write_iter = generic_file_write_iter,
216	.mmap = vboxsf_file_mmap,
217	.open = vboxsf_file_open,
218	.release = vboxsf_file_release,
219	.fsync = noop_fsync,
220	.splice_read = filemap_splice_read,
221	.setlease = simple_nosetlease,
222};
223
224const struct inode_operations vboxsf_reg_iops = {
225	.getattr = vboxsf_getattr,
226	.setattr = vboxsf_setattr
227};
228
229static int vboxsf_read_folio(struct file *file, struct folio *folio)
230{
231	struct page *page = &folio->page;
232	struct vboxsf_handle *sf_handle = file->private_data;
233	loff_t off = page_offset(page);
234	u32 nread = PAGE_SIZE;
235	u8 *buf;
236	int err;
237
238	buf = kmap(page);
239
240	err = vboxsf_read(sf_handle->root, sf_handle->handle, off, &nread, buf);
241	if (err == 0) {
242		memset(&buf[nread], 0, PAGE_SIZE - nread);
243		flush_dcache_page(page);
244		SetPageUptodate(page);
245	} else {
246		SetPageError(page);
247	}
248
249	kunmap(page);
250	unlock_page(page);
251	return err;
252}
253
254static struct vboxsf_handle *vboxsf_get_write_handle(struct vboxsf_inode *sf_i)
255{
256	struct vboxsf_handle *h, *sf_handle = NULL;
257
258	mutex_lock(&sf_i->handle_list_mutex);
259	list_for_each_entry(h, &sf_i->handle_list, head) {
260		if (h->access_flags == SHFL_CF_ACCESS_WRITE ||
261		    h->access_flags == SHFL_CF_ACCESS_READWRITE) {
262			kref_get(&h->refcount);
263			sf_handle = h;
264			break;
265		}
266	}
267	mutex_unlock(&sf_i->handle_list_mutex);
268
269	return sf_handle;
270}
271
272static int vboxsf_writepage(struct page *page, struct writeback_control *wbc)
273{
274	struct inode *inode = page->mapping->host;
275	struct vboxsf_inode *sf_i = VBOXSF_I(inode);
276	struct vboxsf_handle *sf_handle;
277	loff_t off = page_offset(page);
278	loff_t size = i_size_read(inode);
279	u32 nwrite = PAGE_SIZE;
280	u8 *buf;
281	int err;
282
283	if (off + PAGE_SIZE > size)
284		nwrite = size & ~PAGE_MASK;
285
286	sf_handle = vboxsf_get_write_handle(sf_i);
287	if (!sf_handle)
288		return -EBADF;
289
290	buf = kmap(page);
291	err = vboxsf_write(sf_handle->root, sf_handle->handle,
292			   off, &nwrite, buf);
293	kunmap(page);
294
295	kref_put(&sf_handle->refcount, vboxsf_handle_release);
296
297	if (err == 0) {
298		ClearPageError(page);
299		/* mtime changed */
300		sf_i->force_restat = 1;
301	} else {
302		ClearPageUptodate(page);
303	}
304
305	unlock_page(page);
306	return err;
307}
308
309static int vboxsf_write_end(struct file *file, struct address_space *mapping,
310			    loff_t pos, unsigned int len, unsigned int copied,
311			    struct page *page, void *fsdata)
312{
313	struct inode *inode = mapping->host;
314	struct vboxsf_handle *sf_handle = file->private_data;
315	unsigned int from = pos & ~PAGE_MASK;
316	u32 nwritten = len;
317	u8 *buf;
318	int err;
319
320	/* zero the stale part of the page if we did a short copy */
321	if (!PageUptodate(page) && copied < len)
322		zero_user(page, from + copied, len - copied);
323
324	buf = kmap(page);
325	err = vboxsf_write(sf_handle->root, sf_handle->handle,
326			   pos, &nwritten, buf + from);
327	kunmap(page);
328
329	if (err) {
330		nwritten = 0;
331		goto out;
332	}
333
334	/* mtime changed */
335	VBOXSF_I(inode)->force_restat = 1;
336
337	if (!PageUptodate(page) && nwritten == PAGE_SIZE)
338		SetPageUptodate(page);
339
340	pos += nwritten;
341	if (pos > inode->i_size)
342		i_size_write(inode, pos);
343
344out:
345	unlock_page(page);
346	put_page(page);
347
348	return nwritten;
349}
350
351/*
352 * Note simple_write_begin does not read the page from disk on partial writes
353 * this is ok since vboxsf_write_end only writes the written parts of the
354 * page and it does not call SetPageUptodate for partial writes.
355 */
356const struct address_space_operations vboxsf_reg_aops = {
357	.read_folio = vboxsf_read_folio,
358	.writepage = vboxsf_writepage,
359	.dirty_folio = filemap_dirty_folio,
360	.write_begin = simple_write_begin,
361	.write_end = vboxsf_write_end,
362};
363
364static const char *vboxsf_get_link(struct dentry *dentry, struct inode *inode,
365				   struct delayed_call *done)
366{
367	struct vboxsf_sbi *sbi = VBOXSF_SBI(inode->i_sb);
368	struct shfl_string *path;
369	char *link;
370	int err;
371
372	if (!dentry)
373		return ERR_PTR(-ECHILD);
374
375	path = vboxsf_path_from_dentry(sbi, dentry);
376	if (IS_ERR(path))
377		return ERR_CAST(path);
378
379	link = kzalloc(PATH_MAX, GFP_KERNEL);
380	if (!link) {
381		__putname(path);
382		return ERR_PTR(-ENOMEM);
383	}
384
385	err = vboxsf_readlink(sbi->root, path, PATH_MAX, link);
386	__putname(path);
387	if (err) {
388		kfree(link);
389		return ERR_PTR(err);
390	}
391
392	set_delayed_call(done, kfree_link, link);
393	return link;
394}
395
396const struct inode_operations vboxsf_lnk_iops = {
397	.get_link = vboxsf_get_link
398};
399